apache directory studio apache ds configuration

Apache Directory StudioApache DS Configuration

User's Guide

Apache Directory Studio Apache DS Configuration: User's GuideVersion 1.5.2.v20091211Copyright © 2006 - 2009 Apache Software Foundation

Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to you under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

http://www.apache.org/licenses/LICENSE-2.0

iv

Table of ContentsI. Getting started ................................................................................................................ 1

1. Download and installation ........................................................................................ 12. Configuration Editor ................................................................................................ 4

2.1. Editor for Apache DS 1.5.0 ............................................................................ 42.2. Editor for Apache DS 1.5.1 .......................................................................... 112.3. Editor for Apache DS 1.5.2 .......................................................................... 192.4. Editor for Apache DS 1.5.3 .......................................................................... 272.5. Editor for Apache DS 1.5.4 .......................................................................... 352.6. Editor for Apache DS 1.5.5 .......................................................................... 42

II. Tasks .......................................................................................................................... 511. Open a Server Configuration ................................................................................... 512. Create a new Server Configuration ........................................................................... 51

III. What's new ................................................................................................................. 53IV. Release notes .............................................................................................................. 55

1

Chapter I. Getting startedThis part of the guide provides you a sum up of the basic concepts of the Apache DS Configuration.

1. Download and installationBeside the integration in Apache Directory Studio the Apache Directory Studio Apache DS Configurationcan also be installed as a plug-in into a regular Eclipse installation. This section describes this alternative.

Using the Eclipse Install/Update Manager is the easiest way to install the Apache Directory Studio ApacheDS Configuration plug-in. From workbench menu choose Help # Software Updates # Find and Install....

In the opened wizard choose Search for new features to install and click Next .

Next please specify the Apache Directory Studio update site. Click the New Remote Site... button. In thedialog input the following and press OK :

• Name: Apache Directory Studio Update Site

• URL: http://directory.apache.org/studio/update/1.x

Make sure the new update site is checked an press Finish .

Getting started

2

Now the install manager checks the update site and presents the search results. Select the feature you wantto install - of course the Apache Directory Studio Apache DS Configuration - and click Next .

Accept the license agreement, the Apache Directory Studio Apache DS Configuration is distributed underthe Apache License, Version 2.0.

Getting started

3

In the next dialog ensure that the Apache Directory Studio Apache DS feature is selected and click toFinish .

Now the install manager loads the necessary files. When download is finished you have to verify theinstallation, please click to Install .

Getting started

4

After installation it is recommended to restart the Eclipse workbench.

2. Configuration EditorThe Configuration Editor currently supports 4 versions of Apache DS. Each version having a specificassociated editor.

• The Editor for Apache DS 1.5.0 allows you to edit the 'server.xml' file of an Apache DS version1.5.0 installation.






2.1. Editor for Apache DS 1.5.0The Configuration Editor for Apache DS consists in a 4 pages Editor:

• The General page allows you to set "general" settings about the server such as the server port,administrator DN, password, etc...

• The Partitions page allows you to manage your server partitions.

• The Interceptors page allows you to manage your server interceptors.

• The Extended Operations page allows you to manage your server extended operations handlers.

2.1.1. General Page

The General Page of the Configuration Editor allows you to edit the server settings.

Getting started

5

It contains four sections : Settings , Binary Attribute , Limits and Options .

Here's what the General Page looks like:

Settings

A Port is mandatory and must be an integer between 1 to 65535.

An Authentication method is mandatory and is at the moment not editable and set to ' Simple

A Principal is mandatory and represents the DN of the Administrator of the server.

A Password is mandatory and represents the password of the Administrator of the server.

Check the Show Password checkbox to display the password in a unhidden form.

Check the Allow Anymous Access checkbox to allow anymous access on the server.

Binary Attributes

This section allows you to specify to the server the attribute types that you want to be handled as binarycontent.

Getting started

6

Use the Add... , Edit... and Delete buttons to set your Binary Attributes.

Limits

This section allows you to specify the Limits of the server.

Max. Time Limit lets you choose the maximum time that should last a request (in milliseconds).

Max. Size Limit lets you choose the maximum number of entries that should be returned.

Synchronization Period lets you choose the number of milliseconds between two synchronizations.

Max. Threads lets you choose the number of threads that should be used by the server in its execution.

Options

Check the Enable Access Control to enable Access Control on the server.

Check the Enable NTP to enable NTP on the server.

Check the Enable Kerberos to enable Kerberos on the server.

Check the Enable Change Password to enable Change Password service on the server.

Check the Denormalize Operational Attributes to use a more human readable form('uid=admin,ou=system' instead of '0.9.2342.19200300.100.1.1=admin,2.5.4.11=system') for OperationalAttributes on the server.

2.1.2. Partitions Page

The Partitions Page of the Configuration Editor allows you to edit the server partitions.

Getting started

7

Here's what the Partitions Page looks like:

The page is divided vertically in two parts.

You can choose the orientation of the page by clicking on the appropriate button ("Horizontal Orientation" or "Vertical Orientation" ) at the right of the page.

The left side of the page shows the partitions defined on the server. This is where you can add or deletea partition.

The right side of the page display and lets you edit the details of the selected partition in the left side.

Partition details

Getting started

8

An Name is mandatory for the partition.

A Cache Size is mandatory for the partition.

Check the Enable Optimizer checkbox to enable the optimizer for the partition.

Check the Synchronization On Write checkbox to enable the synchronization on write for the partition.

Context Entry

This section allows you to specify to the server the attribute/value pairs that will be used for the ContextEntry of the partition.

Use the Add... , Edit... and Delete buttons to set your values.

Indexed Attributes

This section allows you to specify to the server the attributes that should be indexed and the their cache size.

Use the Add... , Edit... and Delete buttons to set the indexed attributes.

The following icons can appear in the Partitions Page.

Icon Description

Standard Partition

System Partition

2.1.3. Interceptors Page

The Interceptors Page of the Configuration Editor allows you to edit the server interceptors.

Here's what the Interceptors Page looks like:

Getting started

9



The left side of the page shows the interceptors defined on the server. This is where you can add or deletean interceptor.

You can also choose the order of the interceptors in the interceptors' chain using the "Up" and "Down"buttons.


Getting started

10

Interceptor details

A Name is mandatory for the interceptor.

The Class of the interceptor is mandatory.

The following icons can appear in the Interceptors Page.

Icon Description

Interceptor

2.1.4. Extended Operations Page

The Extended Operations Page of the Configuration Editor allows you to edit the server extendedoperations.

Here's what the Extended Operations Page looks like:



The left side of the page shows the extended operations defined on the server. This is where you can addor delete an extended operation.

Getting started

11


Extended Operation details

The Class of the extended operation is mandatory.

The following icons can appear in the Extended Operations Page.

Icon Description

Extended Operation

2.2. Editor for Apache DS 1.5.1

The Configuration Editor for Apache DS consists in a 4 pages Editor:

• The General page allows you to set "general" settings about the server such as the server port,administrator DN, password, etc...




2.2.1. General Page


It contains six sections : Administrator Settings , Protocols , Supported Authentication Mechanisms, Binary Attributes , Limits and Options .


Getting started

12

Administrator Settings

A Principal is mandatory and represents the DN of the Administrator of the server.

A Password is mandatory and represents the password of the Administrator of the server.

Check the Show Password checkbox to display the password in a non-hidden form.

Protocols

This section allows you to enable/disable each of the following protocols and specify the port it is runningon:

• LDAP (default port: 10389)

• LDAPS (default port: 636)

Getting started

13

• Kerberos (default port: 88)

• NTP (default port: 123)

• DNS (default port: 53)

• Change Password (default port: 464)

Supported Authentication Mechanisms

This section allows you to specify the supported authentication mechanisms. You can choose between thefollowing mechanisms:

• SIMPLE

• CRAM-MD5

• DIGEST-MD5

• GSSAPI

Binary Attributes

This section allows you to specify to the server the attribute types that you want to be handled as binarycontent.

Use the Add... , Edit... and Delete buttons to set your Binary Attributes.

Limits




Getting started

14



Options









Getting started

15



Partition details

An ID is mandatory for the partition.




Context Entry



Indexed Attributes

This section allows you to specify to the server the attributes that should be indexed and the their cache size.

Getting started

16



Icon Description

Standard Partition

System Partition








Getting started

17


Interceptor details

A Name is mandatory for the interceptor.

The Class of the interceptor is mandatory.


Icon Description

Interceptor




Getting started

18






The Class of the extended operation is mandatory.


Icon Description

Extended Operation

Getting started

19

Icon Description

2.3. Editor for Apache DS 1.5.2The Configuration Editor for Apache DS consists in a five pages Editor:

• The General page allows you to set "general" settings about the server such as enabling/disablingprotocols, setting protocols ports, limits, etc...

• The Authentication page allows you to set "authentication" settings such as the supportedauthentication mechanisms, SASL settings, etc...




2.3.1. General Page


It contains three sections : Protocols , Limits and Options .


Protocols


Getting started

20







Limits






Options




2.3.2. Authentication Page

The Authentication Page of the Configuration Editor allows you to edit the server authentication settings.

It contains four sections : Supported Authentication Mechanisms , SASL Settings , SASL QualityOf Protection and SASL Realms .

Here's what the Authentication Page looks like:

Getting started

21



• SIMPLE

• CRAM-MD5 (SASL)

• DIGEST-MD5 (SASL)

• GSSAPI (SASL)

SASL Settings

This section allows you to specify to the SASL setting.

Getting started

22

The SASL Host field represents the name of the host.

The SASL Principal field represents the service principal name that the server-side of the LDAP protocolprovider will use to "accept" a GSSAPI context initiated by the LDAP client. The SASL principal MUSTfollow the name-form "ldap/[fqdn]@[realm]".

The Search Base DN field represents the Distinguished Name where a subtree-scoped DIT search will beperformed. This is BOTH where the LDAP service principal must reside, as well as where user principalsmust reside.

SASL Quality Of Protection

This section allows you to specify the SASL quality of protection. You can choose between the followingvalues:

• auth (Authentication only)

• auth-int (Authentication with integrity protection)

• auth-conf (Authentication with integrity and privacy protection)

SASL Realms

This section allows you to specify to the SASL realms.

Use the Add... , Edit... and Delete buttons to set your SASL Realms.




Getting started

23





Partition details

Getting started

24



A Suffix is mandatory for the partition.



Context Entry



Indexed Attributes

This section allows you to specify to the server the attributes that should be indexed and their cache size.



Icon Description

Standard Partition

System Partition




Getting started

25





The right side of the page display and lets you see the details of the selected interceptor in the left side.

Interceptor details

The Name field displays the name of the interceptor.

Getting started

26

The Description field displays the description of the interceptor.


Icon Description

Interceptor







The right side of the page display and lets you see the details of the selected extended operation in theleft side.


The Name field displays the name of the extended operation.

Getting started

27

The Description field displays the description of the extended operation.


Icon Description

Extended Operation







2.4.1. General PageThe General Page of the Configuration Editor allows you to edit the server settings.



Protocols

Getting started

28








Limits






Options







Getting started

29




• SIMPLE

• CRAM-MD5 (SASL)


• GSSAPI (SASL)

• NTML (SASL)

• GSS-SPNEGO (SASL)

Getting started

30

SASL Settings










SASL Realms






Getting started

31





Partition details

Getting started

32






Context Entry



Indexed Attributes




Icon Description

Standard Partition

System Partition




Getting started

33






Interceptor details


Getting started

34



Icon Description

Interceptor










Getting started

35



Icon Description

Extended Operation







2.5.1. General PageThe General Page of the Configuration Editor allows you to edit the server settings.



Protocols

Getting started

36








Limits






Options







Getting started

37




• SIMPLE

• CRAM-MD5 (SASL)


• GSSAPI (SASL)

• NTML (SASL)


Getting started

38

SASL Settings










SASL Realms






Getting started

39





Partition details






Getting started

40

Indexed Attributes




Icon Description

Standard Partition

System Partition








Getting started

41


Interceptor details




Icon Description

Interceptor





Getting started

42








Icon Description

Extended Operation







2.6.1. General Page



Getting started

43


Protocols








Limits




Getting started

44



Options








Getting started

45



• SIMPLE

• CRAM-MD5 (SASL)


• GSSAPI (SASL)

• NTML (SASL)


SASL Settings








Getting started

46



SASL Realms









Getting started

47


Partition details






Indexed Attributes




Icon Description

Standard Partition

System Partition




Getting started

48






Interceptor details



Getting started

49


Icon Description

Interceptor










Getting started

50



Icon Description

Extended Operation

51

Chapter II. Tasks

1. Open a Server ConfigurationTo open a Server Configuration, locate the File menu and select " File > Open File... ".

2. Create a new Server ConfigurationTo create a new Server Configuration, locate the File menu, select " File > New... " in Apache DirectoryStudio or " File > New > Other... " in Eclipse.

In the New Wizard Selection panel, select " Apache DS > Apache DS Configuration File ".

The following wizard appears:

Tasks

52

Select the Apache DS target version.

Option Description Default

Apache DS version Each version of Apache DS defines its specificsettings and 'server.xml' file format. In order todisplay the right editor, you need to provide theversion of Apache DS you're targeting.

1.5.5

53

Chapter III. What's newWhat's new in 1.5.0

Support for Apache DS 1.5.5

The Apache DS Configuration plugin now supports the 1.5.5 version of Apache Directory Server.

What's new in 1.4.0Internationalization

Apache Directory Studio is now fully internationalized. Out of the box English, French and Germantranslations are provided.

What's new in 1.2.0Support for Apache DS 1.5.3, 1.5.2, 1.5.1 and 1.5.0

What's new

54

The Apache DS Configuration plugin now supports the 1.5.3, 1.5.2, 1.5.1 and 1.5.0 versions of ApacheDirectory Server.

55

Chapter IV. Release notesApache Directory Studio 1.5.2 - (2009,December 11th)

Task

• [DIRSTUDIO-605] - Update the help content of the configuration editor for version 1.5.5 of Apache DS

Apache Directory Studio 1.5.1 - (2009,November 30th)

Nothing new.

Apache Directory Studio 1.5.0 - (2009,November 2nd)

Bug

• [DIRSTUDIO-520] - NPE when saving a 1.5.0 server configuration

Improvement

• [DIRSTUDIO-521] - Replace the XSLT transformation by the use of the Dom4J OutputFormat classfor XML pretty print

New Feature

• [DIRSTUDIO-536] - Add support for version 1.5.5 of the Apache DS server.xml configuration file

Apache Directory Studio 1.4.0 - (2009, April 7th)Bug

• [DIRSTUDIO-436] - Eclipse Hangs on Startup

New Feature

• [DIRSTUDIO-397] - Request for multi-language GUI

Apache Directory Studio 1.3.0 - (2008,November 24th)

Bug

• [DIRSTUDIO-394] - SASL Realms are not correctly saved in the 1.5.2 and 1.5.3 Apache DSConfiguration Editor

Release notes

56

Improvement

• [DIRSTUDIO-393] - Add support for ApacheDS 1.5.4 server.xml file in the ApacheDS ConfigurationEditor

Task

• [DIRSTUDIO-375] - Move each plugin IDs in a plugin.properties file

Apache Directory Studio 1.2.0 - (2008, august18th)

Bug

• [DIRSTUDIO-323] - Studio fails to read ApacheDS server.xml

Task

• [DIRSTUDIO-332] - Add support for 1.5.3, 1.5.2 and 1.5.0 server.xml configuration files

Apache Directory Studio 1.1.0 - (2008, march31st)

Bug

• [DIRSTUDIO-286] - Update Site is not working, missing dependencies in ldifeditor, ldapbrower andschemaeditor feature

• [DIRSTUDIO-284] - Changing "Supported Authentication Mechanism" doesn't set the dirty flag.

• [DIRSTUDIO-281] - LDIF and Apache DS configuration files can't be saved in RCP mode

• [DIRSTUDIO-253] - cant open server.xml with directory studio

• [DIRSTUDIO-239] - Apache DS Configuration Plugin cannot parse server.xml file correctly

Task

• [DIRSTUDIO-236] - Update the Apache DS Configuration plugin to work with the server.xml file ofApache DS 1.5.1

Apache Directory Studio 1.0.0 - (2007,september 3rd)

Initial release.

apache directory studio apache ds configuration

Documents